GHSA-5353-F8FQ-65VC New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure

Summary A logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAuthn assertion. Affected versions = v0.10.0 Description The POST /api/verify endpoint supports multiple secure verification...

CVE-2026-32879

CVE-2026-32879 affects New API (LLM gateway/AI asset management). Beginning with version 0.10.0, a logic flaw in the universal secure verification flow lets an authenticated user with a registered passkey satisfy secure verification without completing a WebAuthn assertion. Exploitation status is ...

CVE-2022-27240

scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...

EUVD-2022-31749

Malicious code in bioql PyPI...

CVE-2022-27240

scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...

CVE-2022-27240

scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...

UBUNTU-CVE-2022-27240

scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion...

CVE-2022-27240

CVE-2022-27240 concerns Glewlwyd SSO server 2.x before 2.6.2, where a buffer overflow in the WebAuthn support (scheme/webauthn.c) is associated with a WebAuthn assertion. The Red Hat and related advisories confirm the same description. No exploit details are provided in the connected documents. T...